ACL for IP restriction

In our intraweb we use an openldap server that holds all user specific
data (including auth information like crypted passwords etc.). All other
machines auth against this ldap server.
I now want to allow a machine from our perimeter net to authen against
this ldap server as well. But only this one machine and only with very
limited access.
I'm a bit scared to open the firewall because the perimeter machine
gets full LDAP access to the crypted passwords. So what I was thinking of
was to limit the access based on the machines IP.
This is what I got so far:
access to
attrs=userPassword
by self write
by dn="uid=root,dc=dff,dc=local" write
by addr=62.132.127.51 compare
by addr=172.16.0.0 compare
by * none
access to
attrs=emailalias,icq
by self write
by dn="uid=root,dc=dff,dc=local" write
by addr=62.132.127.51 none
by addr=172.16.0.0 write
by * none
access to
*
by dn="uid=root,dc=dff,dc=local" write
by addr=172.16.0.0 read
by * none
Can you guys please comment on this?
Thanx in advance
--
Torsten